US7434258B2 (Expired, Utility)

Method and communication system for controlling security association lifetime

Assignee: NOKIA CORP
Priority: May 7, 2002
Filed: Jan 16, 2003
Granted: Oct 7, 2008
Est. expiry: May 7, 2022 (expired), nominal 20-yr term from priority
Inventors: BAJKO GABOR; HAUKKA TAO
Classifications: H04L 9/00, H04L 9/32, H04L 9/3271, H04L 63/108, H04L 63/20, H04L 65/1016, H04W 12/61, H04W 12/06, H04L 2209/56, H04L 63/164, H04L 63/08
PatentIndex Score: 92
Cited by: 17
References: 11
Claims: 41

Abstract

A method for selecting a time length of a security association (SA) between user equipment (UE) which transmits and receives communications and a control entity in a communication system in accordance with the invention, includes transmitting a registration message (SM 1) from the user equipment to the control entity (P-CSCF) requesting registration of the user equipment with the control entity; after transmission of the registration message, setting the time length of the security association between the user equipment and the control entity to be equal to a registration time length set between the user equipment and the control entity during which registration of the user equipment with the control entity is valid; and transmitting the set time length of the security association to the user equipment as part of an acknowledgment message (SM 10 or SM 12) to the registration message to cause the security association to have a time equal to the registration timer length.
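
The exchange the abstract describes, modelled from both sides as an added example (not code from the patent or from Nokia). Messages are plain dicts; the 600-second registration lifetime, the sample addresses, and the choice to re-challenge a late answer are assumptions, and the temporary timer uses the 32-second RFC 3261 non-INVITE transaction timeout.

```python
import re

TIMER_F = 32  # seconds; RFC 3261 non-INVITE transaction timeout (64 * T1, T1 = 0.5 s)


class ControlEntity:
    """Control-entity side: one security association (SA) per user equipment."""

    def __init__(self, registration_lifetime=600, use_contact=False):
        self.registration_lifetime = registration_lifetime  # assumed value
        self.use_contact = use_contact  # carry the lifetime in Contact, not Expires
        self.sa = {}  # ue -> (state, absolute expiry time)

    def on_register(self, ue, now, auth_response_ok=False):
        state, expiry = self.sa.get(ue, (None, 0))
        if state == "temporary" and auth_response_ok and now <= expiry:
            # Answer arrived inside the temporary timer: the SA lifetime is
            # set equal to the registration lifetime and sent in the 200.
            life = self.registration_lifetime
            self.sa[ue] = ("established", now + life)
            if self.use_contact:
                headers = {"Contact": f"<sip:{ue}>;expires={life}"}
            else:
                headers = {"Expires": str(life)}
            return {"status": 200, "headers": headers}
        # Unauthenticated or late REGISTER: challenge and (re)start the
        # temporary timer. Re-challenging a late answer is an assumption;
        # the claims do not say how the timer is encoded in the challenge.
        self.sa[ue] = ("temporary", now + TIMER_F)
        return {"status": 401, "temp_timer": TIMER_F, "headers": {}}

    def sa_valid(self, ue, now):
        state, expiry = self.sa.get(ue, (None, 0))
        return state == "established" and now <= expiry


def ue_sa_lifetime(response):
    """UE side: read the SA lifetime from the Expires or Contact header."""
    headers = response["headers"]
    if "Expires" in headers:
        return int(headers["Expires"])
    m = re.search(r";\s*expires=(\d+)", headers.get("Contact", ""), re.I)
    return int(m.group(1)) if m else None
```
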

Claims

1. A method, comprising:
 receiving a registration message from a user equipment, wherein the registration message is configured to request registration of the user equipment, and wherein the user equipment is configured to transmit and receive communications;
 after receiving the registration message, setting a time length of a security association to be equal to a registration time length set for a registration of the user equipment;
 transmitting the set time length of the security association to the user equipment as part of an acknowledgment message to the registration message to cause the security association to have a time equal to the registration time length; and
 sending an authentication challenge comprising a temporary timer to the user equipment, preceding the acknowledgment message, which sets a time duration for the user equipment to respond to the authentication challenge,
 wherein communications with the user equipment comprise a session initiation protocol,
 wherein the registration message comprises a session initiation protocol register request message, and
 wherein the acknowledgment message comprises a session initiation protocol response message.

2. A method in accordance with claim 1, further comprising:
 performing a call state control function.

3. A method in accordance with claim 2, wherein: the session initiation protocol response comprises a 200 Auth_Ok message.

4. A method in accordance with claim 2 comprising:
 receiving a registration message from the user equipment in a response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

5. A method in accordance with claim 3, comprising:
 receiving a registration message from the user equipment in a response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

6. A method in accordance with claim 3, wherein:
 the time length is contained in one of an expires or contact header of the session initiation protocol.

7. A method in accordance with claim 2, wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

8. A method in accordance with claim 3, wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

9. A method in accordance with claim 1, wherein:
 the session initiation protocol response comprises a 200 Auth_Ok message.

10. A method in accordance with claim 9, comprising:
 receiving a registration message from the user equipment in a response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

11. A method in accordance with claim 9, wherein:
 the time length is contained in one of an expires or contact header of the session initiation protocol.

12. A method in accordance with claim 9, wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

13. A method in accordance with claim 1, further comprising:
 receiving a registration message from the user equipment in a response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

14. A method in accordance with claim 1, comprising:
 receiving a registration message from the user equipment in response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

15. A method in accordance with claim 1, wherein:
 the time length is contained in one of an expires or contact header of the session initiation protocol.

16. A method in accordance with claim 1, wherein:
 the time length is contained in one of an expires or contact header of the session initiation protocol.

17. A method in accordance with claim 1, wherein:
 the temporary timer comprises non-invite transaction timeout timer of the session initiation protocol.

18. A method in accordance with claim 1, wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

19. An apparatus, comprising:
 a receiver configured to receive a registration message from a user equipment, wherein the user equipment is configured to transmit and receive communications, and wherein the registration message is configured to request registration of the user equipment with the apparatus;
 a timer configured to set, after receipt of the registration message, a time length of a security association between the user equipment and the apparatus, wherein the time length is set to be equal to a time length of a registration timer set between the user equipment and the apparatus during which registration of the user equipment with the apparatus is valid; and
 a transmitter configured to transmit the set time length of the security association to the user equipment as an acknowledgement message to the registration message to cause the security association to have a time duration equal to the registration time length,
 wherein communications between the user equipment and the apparatus are configured to use a session initiation protocol,
 wherein the registration message comprises a session initiation protocol register request message,
 wherein the acknowledgment message comprises a session initiation protocol response message, and
 wherein the transmitter is further configured to transmit an authentication challenge comprising a temporary timer to the user equipment, preceding the acknowledgment message, which sets a time duration for the user equipment to respond to the authentication challenge.

20. An apparatus in accordance with claim 19 wherein:
 the apparatus is configured to perform a call state control function.

21. An apparatus in accordance with claim 20, wherein:
 the session initiation protocol response message comprises a 200 Auth_Ok message.

22. An apparatus in accordance with claim 21, wherein:
 the receiver is further configured to receive a registration message from the user equipment to the apparatus in a response message to the authentication challenge within the time duration set for the user equipment to respond to the authentication challenge.

23. An apparatus in accordance with claim 21 wherein:
 the set time length is contained in one of an expires or contact header of the session initiation protocol.

24. An apparatus in accordance with claim 21 wherein:
 the temporary timer comprises a non invite transaction timeout timer of the session initiation protocol.

25. An apparatus in accordance with claim 20, wherein:
 the receiver is further configured to receive a registration message from the user equipment to the apparatus in a response message to the authentication challenge within the time duration set for the user equipment to respond to the authentication challenge.

26. An apparatus in accordance with claim 20 wherein:
 the set time length is contained in one of an expires or contact header of the session initiation protocol.

27. An apparatus in accordance with claim 20 wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

28. An apparatus in accordance with claim 19 wherein:
 the session initiation protocol response message comprises a 200 Auth_Ok message.

29. An apparatus in accordance with claim 28, wherein:
 the receiver is further configured to receive a registration message from the user equipment to the apparatus in a response message to the authentication challenge within the time duration set for the user equipment to respond to the authentication challenge.

30. An apparatus in accordance with claim 28 wherein:
 the set time length is contained in one of an expires or contact header of the session initiation protocol.

31. An apparatus in accordance with claim 28 wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

32. An apparatus in accordance with claim 19, wherein:
 the receiver is further configured to receive a registration message from the user equipment to the apparatus in a response message to the authentication challenge within the time duration set for the user equipment to respond to the authentication challenge.

33. An apparatus in accordance with claim 19 wherein:
 the set time length is contained in one of an expires or contact header of the session initiation protocol.

34. An apparatus in accordance with claim 19 wherein:
 the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.

35. An apparatus, comprising:
 receiving means for receiving a registration message from a user equipment, wherein the user equipment is configured to transmit and receive communications, and wherein the registration message is configured to request registration of the user equipment with the apparatus;
 timing means for setting, after receiving the registration message, a time length of a security association between the user equipment and the apparatus, wherein the time length is set to be equal to a time length of a registration timer set between the user equipment and the apparatus during which registration of the user equipment with the apparatus is valid;
 transmitting means for transmitting the set time length of the security association to the user equipment as an acknowledgement message to the registration message to cause the security association to have a time duration equal to the registration time length,
 wherein communications between the user equipment and the apparatus are configured to use a session initiation protocol,
 wherein the registration message comprises a session initiation protocol register request message,
 wherein the acknowledgement message comprises a session initiation protocol response message, and
 wherein the transmitting means is further for transmitting an authentication challenge comprising a temporary timer to the user equipment, preceding the acknowledgement message, which sets a time duration for the user equipment to respond to the authentication challenge.

36. A computer readable storage medium encoded with instructions that, when executed by a computer, perform:
 receiving a registration message from a user equipment, wherein the registration message is configured to request registration of the user equipment, and wherein the user equipment is configured to transmit and receive communications;
 after receiving the registration message, setting a time length of a security association to be equal to a registration time length set for a registration of the user equipment;
 transmitting the set time length of the security association to the user equipment as part of an acknowledgment message to the registration message to cause the security association to have a time equal to the registration time length; and
 sending an authentication challenge comprising a temporary timer to the user equipment, preceding the acknowledgement message, which sets a time duration for the user equipment to respond to the authentication challenge,
 wherein communications with the user equipment comprise a session initiation protocol,
 wherein the registration message comprises a session initiation protocol register request message, and
 wherein the acknowledgement message comprises a session initiation protocol response message.

37. The computer readable storage medium as claimed in claim 36, wherein the instructions, when executed by the computer, further perform:
 performing a call state control function.

38. The computer readable storage medium as claimed in claim 36, wherein the session initiation protocol response comprises a 200 Auth_Ok message.

39. The computer readable storage medium as claimed in claim 36, wherein the instructions, when executed by the computer, further perform:
 receiving a registration message from the user equipment in a response message to the authentication challenge within the set time duration for the user equipment to respond to the authentication challenge.

40. The computer readable storage medium as claimed in claim 36, wherein the time length is contained in one of an expires or contact header of the session initiation protocol.

41. The computer readable storage medium as claimed in claim 36, wherein the temporary timer comprises a non-invite transaction timeout timer of the session initiation protocol.
